Why doesn't pg use HTTPS on his site?
Going to http://www.paulgraham.com doesn't redirect to https
And https://www.paulgraham.com tries to use a certificate for *.store.yahoo.com
And https://www.paulgraham.com tries to use a certificate for *.store.yahoo.com
14 comments
[ 4.1 ms ] story [ 41.1 ms ] threadI have a number of old sites (including my blog until recently) which haven't been switched over to https yet. It's not that I can't do it or that there's any real reason not to use https on those sites, I just have other things going on. PG set up his site years ago when https wasn't a default on the web, that's probably the real answer.
Maybe somebody gets between a reader and his site and injects ads or something.
Or maybe ISPs or local networks can watch what readers read.
I don’t think either is that big of a deal and wouldn’t bother if I had sites.
I’ve used dozens of ISPs and never had this problem. Guess I’m lucky.
I don’t care if people inject stuff into my http content. If it becomes a significant problem, I’ll think about it.
Simplicity is a reward. A big reward.
You're not paying him anything to read his website. He does not owe you a single thing.
https://news.ycombinator.com/item?id=24676257